If the account owner has done nothing and has nothing to hide, he would remove the "hidden" status of his systems. Then all could see how many he has. And he could point out the one or two that do not belong to him. I am sure as a major team leader he would notice a large number of systems reporting to his account if he did not own that many, and do something about it. (Not just start his own new team.)

By tracking IP addresses of connections for this account, it would not be too hard to tell which belong to his location/ISP, and which are from infected systems. Only then will they know how wide spread the problem is.

If true - he should be a candidate for total credit =0 and all team credits he has generated so far - including team credits while he was crunching for Germany -
No offense team Germany. As this unfolds it will be interesting for sure!

I do not think it is the same case. This one seems to use different credentials and the classic client. I'd be interested though if it was investigated and the perpetrator persecuted. I mean this is a clearly criminal activity and should be followed up as such, regardless if the author did it in sake of "helping" the science, or just to improve his ranking (and his ego). And since it is not too dificult to track down the account owner, and verifying if it was him who launched the virus, I wonder if the responsible authorities were informed.

I totally agree with Trux's statement. Whether he was installing SETI or trying to steal information from a computer, this is a criminal act and needs to be dealt with as one. At the very least, this alleged-virus-planting-user is guilty of knowing that this was going on and doing nothing about it.

If my RAC started to rise like that and there were strange hosts on my list I would definitely notify someone @ Berkeley...

He claims he doesn't know how to write a virus and we have no proof that he can or has done so. Still, Google his name and observe the interests/skills someone with the same name appears to have. Proves nothing, but it's interesting.

While from the project's point of view I guess these hosts are helping, if SETI is running on them without the owner's knowledge and consent (as appears to be the case with the initial report), it would be a violation of the rules, by the person who installed it or caused it to be installed.

I'm sure BOINC/SETI would not want to be a knowing party to, or beneficiary of illegal/criminal activity, if that's what this turns out to be.

At any rate, Matt says he's looking into it. Let's leave it to him and see what happens.

I just got off the phone with Rom Walton, one of the Berkeley Devs. He informed me that they (SSL/project devs) are aware of this situation, and that they are currently investigating it. It will be given their full attention.

Like I said, Matt is one of the devs, and once I say his post, I knew that they were aware of the problem. It is good that they are actively looking into it.

P.S. If someone else did this, Carsten would only know about it if he looked at his stats, which not everybody does.

He definitely does - he changed the team from SETI Germany to his own one just few days ago. When doing it, you definitely have to pass through your account, where it is inavoidable that you see your RAC and your total credit. Well, now we can speculate that he has 1000 own hosts, and just this single and only stolen one - in that case you are certainly right - he would not notice the difference. However, I'd rather speculate the ratio is rather in the opposite way. Still only speculations. Hope we see the truth soon.

P.S. If someone else did this, Carsten would only know about it if he looked at his stats, which not everybody does.

He definitely does - he changed the team from SETI Germany to his own one just few days ago. When doing it, you definitely have to pass through your account, where it is inavoidable that you see your RAC and your total credit. Well, now we can speculate that he has 1000 own hosts, and just this single and only stolen one - in that case you are certainly right - he would not notice the difference. However, I'd rather speculate the ratio is rather in the opposite way. Still only speculations. Hope we see the truth soon.

Oh, I'd say he DEFINTELY is interested in stats and knows very well what his are. The following is from the forum on Seti.Germany's site:

He wrote he did not know how to write viruses. I wrote I'd be very interested in his opinion and explanation, since I assume he had to see the RAC increase. I am just afraid he won't answer anymore. I am temped to call him, but again, I am no official BOINC representant, and it is not my business to make any such investigation.

Hmmmmm... I don't think anyone smart enough to put BOINC on other people's computers with a virus would leave any trace of their own ID number. But they could be smart in some ways and not in others. But I wonder if such a person would create it to benefit BOINC, but not realize that it hurts BOINC when this is found out eventually ? Or perhaps the person who benefits from the virus has

So far I have read a lot of speculation with no validation. There are a lot of great theories but nothing to really quantify any drastic measures. As earlier stated the best thing to do at this time would be to wait and see what the people at Berkeley come up with. It should be interesting. This is only a test...

So far I have read a lot of speculation with no validation. There are a lot of great theories but nothing to really quantify any drastic measures. As earlier stated the best thing to do at this time would be to wait and see what the people at Berkeley come up with. It should be interesting.

[quote] This thread is already no doubt being indexed by Google. Don't expect someone using the search words 'BOINC virus' to bother with the tiny detail of reading the text, a match will be enough to prove the case.

If certain critical mass is reached, there will be 1000s of know-nothings reporting bad news, for every 1 who does know trying to tell the truth. The larger number wins

FYI, "boinc virus" search with google brings up 69 results. But it only shows 11 as the others are repeats or too similar webpages according to google search parameters. Most of the 11 are from April 2005 or August 2004. This thread is not yet indexed by google. Hey now it is indexed ! Luckily I rechecked google just now and I am still in time to edit this post before the 60 minute time window closed editing. (^: Ok so google has 71 results now.

According to BOINCstats Carsten has got 13 hosts. So with an RAC of 120.000+ these have to be powerful machines at the upper range of what is available today. It would not make any sense to capture single machines unless they are very powerful too as slow PCs would not add to that RAC considerably. But such powerful machines tend to be administrated by very skilled persons who would get to the fraud in a minute. Replaced system files like the wupdmgr.exe would hardly go unheeded.

This sounds all too fishy to be a case of fraud by the account owner himself. I would rather expect a single and very bad joke, which fits with the number of 13 hosts; there surely will not be half a dozen captured average PCs among them as the supposed culprit would then have to have 6 or 7 own machines getting an RAC of 20.000 each, whew! With that crunching power, who needs to cheat for keeps of some hundred or even one or two thousand RAC?

Regards,

Christoph"I know that you believe you understand what you think I said, but I'm not sure you realize that what you heard is not what I meant." R.M. Nixon

The list may say 13 hosts, but if you click through to host stats, there are zero hosts listed. HOST STATS

Again, this is all circumstantial "evidence" and Berkeley is investigating and will take appropriate action. It's sad that something like this ever happens because it does put BOINC/Seti in a bad light even if it's not any of their doing.

I don't know where you all are getting this "13 hosts" from but it is not correct. 13 hosts could not produce that kind of RAC. Look at the top computers page. The biggest, baddest, fastest, most optimized host currently working for seti has a RAC of under 4,000. 4,000 * 13 = 52,000 - not even close. And even "hidden" hosts show up on that page, they just don't list who the owner is.A member of The Knights Who Say NI!
For rankings, history graphs and more, check out:My BOINC stats site

The list may say 13 hosts, but if you click through to host stats, there are zero hosts listed. HOST STATS

Again, this is all circumstantial "evidence" and Berkeley is investigating and will take appropriate action. It's sad that something like this ever happens because it does put BOINC/Seti in a bad light even if it's not any of their doing.

It could be too, that he has merged a great many of the hosts, and may even set the unsuspecting hosts to use his network as a proxy server to make it appear as though all hosts are coming from the same network. But, again, this is all speculation, and I will not rush to judgement as I do not have all the facts and evidence. UCB is investigating, and I will defer to their findings in this matter. I would find it hard to believe that a business executive would put so much at risk for what? the #2 position on the S@H leaderboard? I would find it easier to believe that a disgruntled employee or customer would do something like this. Since it is being investigated by UCB, we should all just relax and wait to see what happens.